Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

src: bootstrap Web [Exposed=*] APIs in the shadow realm #46809

Closed
wants to merge 3 commits into from
Closed

src: bootstrap Web [Exposed=*] APIs in the shadow realm #46809

wants to merge 3 commits into from

Conversation

legendecas
Copy link
Member

@legendecas legendecas commented Feb 24, 2023
edited
Loading

This is the initial work to bootstrap Web interfaces that are defined
with extended attributes [Exposed=*].

The ShadowRealm instances are garbage-collected once it is
unreachable. However, V8 can not infer the reference cycles between
the per-realm strong persistent function handles and the realm's
context handle. To allow the context to be gc-ed once it is not
reachable, the per-realm persistent handles are attached to the
context's global object and the persistent handles are set as weak.

Refs: #42528

@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Feb 24, 2023
edited by legendecas
Loading

Review requested:

  • @nodejs/startup
  • @nodejs/realm

@nodejs-github-bot nodejs-github-bot added lib / src Issues and PRs related to general changes in the lib or src directory. needs-ci PRs that need a full CI run. labels Feb 24, 2023
@legendecas legendecas added the realm Issues and PRs related to the ShadowRealm API and node::Realm label Feb 24, 2023
mcollina
mcollina approved these changes Feb 24, 2023
View reviewed changes
Copy link
Member

@mcollina mcollina left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

joyeecheung
joyeecheung reviewed Feb 24, 2023
View reviewed changes
src/api/environment.cc Outdated
// TODO(legendecas): Per-realm prepareStackTrace callback.
// If we are in a Realm that is not the principal Realm (e.g. ShadowRealm),
// skip the prepareStackTrace callback as the context's security token is
// likely to be different.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actually, why do we need different security tokens? Can we just set the non-principal realm's security token to be the same as the one of the principal realm, like what we do for vm contexts? IIUC security tokens in browsers are generally intended for cross-origin global proxies, which isn't really a thing for Node.js. For shadow realms, the cross-realm access is guarded with wrapped functions and callable boundaries. For Node.js realms, do we care about cross-realm object access?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is true that object exchange across the ShadowRealm boundary is limited with wrapped functions. However, it is still possible for host hooks like the prepareStackTrace callback here to leak objects to the principal realm's userland Error.prepareStackTrace override.

It doesn't hurt to set the security token to be the principal realm's. But I don't see the reason to allow the access either.

I've updated the comment to point out that this branch is intended to avoid calling the principal realm's Error.prepareStackTrace override instead of the security token mismatches.

cjihrig
cjihrig approved these changes Feb 26, 2023
View reviewed changes
test/parallel/test-shadow-realm-globals.js Outdated Show resolved Hide resolved
test/common/globals.js Outdated Show resolved Hide resolved
@mcollina mcollina added the request-ci Add this label to start a Jenkins CI on a PR. label Feb 28, 2023
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Feb 28, 2023
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/50087/

@github-actions github-actions bot mentioned this pull request Mar 1, 2023
Open
15 tasks
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/50124/

@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/50132/

@github-actions github-actions bot mentioned this pull request Mar 2, 2023
Open
15 tasks
joyeecheung
joyeecheung reviewed Mar 2, 2023
View reviewed changes
src/node_realm.cc Outdated Show resolved Hide resolved
src/node_realm-inl.h Outdated Show resolved Hide resolved
src/node_realm-inl.h Outdated Show resolved Hide resolved
joyeecheung
joyeecheung reviewed Mar 2, 2023
View reviewed changes
src/node_realm-inl.h Outdated Show resolved Hide resolved
src/node_realm-inl.h Outdated Show resolved Hide resolved
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/50165/

This was referenced Mar 3, 2023
Open
Open
Open
Open
@mcollina
Copy link
Member

mcollina commented Mar 6, 2023

CI is has a relevant test failure:

node:assert:125
  throw new AssertionError(obj);
  ^

AssertionError [ERR_ASSERTION]: Expected values to be strictly deep-equal:
+ actual - expected

+ [
+   'BroadcastChannel'
+ ]
- []
    at Object.<anonymous> (/home/iojs/build/workspace/node-test-commit-linux/test/parallel/test-shadow-realm-globals.js:27:8)
    at Module._compile (node:internal/modules/cjs/loader:1287:14)
    at Module._extensions..js (node:internal/modules/cjs/loader:1341:10)
    at Module.load (node:internal/modules/cjs/loader:1145:32)
    at Module._load (node:internal/modules/cjs/loader:984:12)
    at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:83:12)
    at node:internal/main/run_main_module:23:47 {
  generatedMessage: true,
  code: 'ERR_ASSERTION',
  actual: [ 'BroadcastChannel' ],
  expected: [],
  operator: 'deepStrictEqual'
}

Node.js v20.0.0-pre

@github-actions github-actions bot mentioned this pull request Mar 7, 2023
Open
19 tasks
@legendecas legendecas added the request-ci Add this label to start a Jenkins CI on a PR. label Mar 8, 2023
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Mar 8, 2023
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Mar 13, 2023
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/50345/

@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/50349/

@github-actions github-actions bot mentioned this pull request Mar 14, 2023
Open
24 tasks
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/50373/

@github-actions github-actions bot mentioned this pull request Mar 15, 2023
Open
22 tasks
@legendecas
Copy link
Member Author

Landed in d0153ae...e6b4d30

legendecas added a commit that referenced this pull request Mar 15, 2023
@legendecas
lib: distinguish webidl interfaces with the extended property "Exposed"
41b1867 
PR-URL: #46809
Refs: #42528
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
legendecas added a commit that referenced this pull request Mar 15, 2023
@legendecas
src: bootstrap Web [Exposed=*] APIs in the shadow realm
e6b4d30 
This is the initial work to bootstrap Web interfaces that are defined
with extended attributes `[Exposed=*]`.

The ShadowRealm instances are garbage-collected once it is
unreachable. However, V8 can not infer the reference cycles between
the per-realm strong persistent function handles and the realm's
context handle. To allow the context to be gc-ed once it is not
reachable, the per-realm persistent handles are attached to the
context's global object and the persistent handles are set as weak.

PR-URL: #46809
Refs: #42528
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
@legendecas legendecas closed this Mar 15, 2023
@legendecas legendecas deleted the shadowrealm/builtin branch March 15, 2023 16:32
This was referenced Mar 16, 2023
Open
Open
Open
targos pushed a commit that referenced this pull request Mar 18, 2023
@legendecas @targos
lib: distinguish webidl interfaces with the extended property "Exposed"
b37ef83 
PR-URL: #46809
Refs: #42528
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
targos pushed a commit that referenced this pull request Mar 18, 2023
@legendecas @targos
src: bootstrap Web [Exposed=*] APIs in the shadow realm
11e1ec7 
This is the initial work to bootstrap Web interfaces that are defined
with extended attributes `[Exposed=*]`.

The ShadowRealm instances are garbage-collected once it is
unreachable. However, V8 can not infer the reference cycles between
the per-realm strong persistent function handles and the realm's
context handle. To allow the context to be gc-ed once it is not
reachable, the per-realm persistent handles are attached to the
context's global object and the persistent handles are set as weak.

PR-URL: #46809
Refs: #42528
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
@anonrig anonrig mentioned this pull request Mar 31, 2023
Merged
@joyeecheung joyeecheung mentioned this pull request Apr 1, 2023
Open
This was referenced Apr 3, 2023
Merged
Merged
@richardlau richardlau mentioned this pull request Apr 7, 2023
Closed
This was referenced Apr 7, 2023
Merged
Merged
Closed
@RafaelGSS
Copy link
Member

This is breaking v19.x-staging. Could you please create a manual backport? See: #47441 (comment)

legendecas added a commit to legendecas/node that referenced this pull request Apr 12, 2023
@legendecas
lib: distinguish webidl interfaces with the extended property "Exposed"
f4fb8da 
PR-URL: nodejs#46809
Refs: nodejs#42528
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
legendecas added a commit to legendecas/node that referenced this pull request Apr 12, 2023
@legendecas
src: bootstrap Web [Exposed=*] APIs in the shadow realm
57956d6 
This is the initial work to bootstrap Web interfaces that are defined
with extended attributes `[Exposed=*]`.

The ShadowRealm instances are garbage-collected once it is
unreachable. However, V8 can not infer the reference cycles between
the per-realm strong persistent function handles and the realm's
context handle. To allow the context to be gc-ed once it is not
reachable, the per-realm persistent handles are attached to the
context's global object and the persistent handles are set as weak.

PR-URL: nodejs#46809
Refs: nodejs#42528
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
@legendecas legendecas mentioned this pull request Apr 12, 2023
Closed
@danielleadams danielleadams added the backport-requested-v18.x PRs awaiting manual backport to the v18.x-staging branch. label Jun 11, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cjihrig cjihrig cjihrig approved these changes

@mcollina mcollina mcollina approved these changes

@jasnell jasnell jasnell approved these changes

@joyeecheung joyeecheung joyeecheung approved these changes

Assignees
No one assigned
Labels
backport-requested-v18.x PRs awaiting manual backport to the v18.x-staging branch. lib / src Issues and PRs related to general changes in the lib or src directory. needs-ci PRs that need a full CI run. realm Issues and PRs related to the ShadowRealm API and node::Realm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
9 participants
@legendecas @nodejs-github-bot @mcollina @RafaelGSS @jasnell @cjihrig @joyeecheung @danielleadams @aduh95